diff --git a/pkg/aa/data_test.go b/pkg/aa/data_test.go
index 5787154bf..360588204 100644
--- a/pkg/aa/data_test.go
+++ b/pkg/aa/data_test.go
@@ -71,13 +71,13 @@ var (
 "flags": "rw, rbind",
 }
 mount1 = &Mount{
- RuleBase: RuleBase{Comment: "failed perms check"},
+ RuleBase: RuleBase{Comment: " failed perms check"},
 MountConditions: MountConditions{FsType: "overlay"},
 Source: "overlay",
 MountPoint: "/var/lib/docker/overlay2/opaque-bug-check1209538631/merged/",
 }
 mount2 = &Mount{
- RuleBase: RuleBase{Comment: "failed perms check"},
+ RuleBase: RuleBase{Comment: " failed perms check"},
 MountConditions: MountConditions{Options: []string{"rw", "rbind"}},
 Source: "/oldroot/dev/tty",
 MountPoint: "/newroot/dev/tty",
@@ -197,7 +197,7 @@ var (
 "protocol": "0",
 }
 unix1 = &Unix{
- Access: []string{"receive", "send"},
+ Access: []string{"send", "receive"},
 Type: "stream",
 Protocol: "0",
 Address: "none",
@@ -290,4 +290,30 @@ var (
 Path: "@{PROC}/4163/cgroup",
 Access: []string{"r"},
 }
+
+ // Link
+ link1Log = map[string]string{
+ "apparmor": "ALLOWED",
+ "operation": "link",
+ "class": "file",
+ "profile": "mkinitcpio",
+ "name": "/tmp/mkinitcpio.QDWtza/early@{lib}/firmware/i915/dg1_dmc_ver2_02.bin.zst",
+ "comm": "cp",
+ "requested_mask": "l",
+ "denied_mask": "l",
+ "fsuid": "0",
+ "ouid": "0",
+ "target": "/tmp/mkinitcpio.QDWtza/root@{lib}/firmware/i915/dg1_dmc_ver2_02.bin.zst",
+ "FSUID": "root",
+ "OUID": "root",
+ }
+ link1 = &Link{
+ Path: "/tmp/mkinitcpio.QDWtza/early@{lib}/firmware/i915/dg1_dmc_ver2_02.bin.zst",
+ Target: "/tmp/mkinitcpio.QDWtza/root@{lib}/firmware/i915/dg1_dmc_ver2_02.bin.zst",
+ }
+ link2 = &File{
+ Owner: true,
+ Path: "@{user_config_dirs}/powerdevilrc{,.@{rand6}}",
+ Target: "@{user_config_dirs}/#@{int}",
+ }
 )
diff --git a/pkg/aa/rules_test.go b/pkg/aa/rules_test.go
index f44d2e70c..d2d9bf871 100644
--- a/pkg/aa/rules_test.go
+++ b/pkg/aa/rules_test.go
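Review bot: `link2` in the last hunk of data_test.go is declared as `&File{...}` under the `// Link` heading, and no hunk visible in this commit references it, so its purpose is not evident. The compiler will not flag it either, because unused package-level variables are legal in Go. A one-line comment would help, for example `// link2: file rule carrying a link Target (path -> target form)`, adjusted to whatever the fixture is really meant to represent. The `var (` block it sits in starts outside the hunk, and a test outside the visible hunks may use it.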
@@ -88,6 +88,12 @@ func TestRules_FromLog(t *testing.T) {
 log: file1Log,
 want: file1,
 },
+ {
+ name: "link",
+ fromLog: newLinkFromLog,
+ log: link1Log,
+ want: link1,
+ },
 }
 for _, tt := range tests {
 t.Run(tt.name, func(t *testing.T) {
@@ -417,7 +423,7 @@ func TestRules_String(t *testing.T) {
 {
 name: "mount",
 rule: mount1,
- want: "mount fstype=overlay overlay -> /var/lib/docker/overlay2/opaque-bug-check1209538631/merged/, #failed perms check",
+ want: "mount fstype=overlay overlay -> /var/lib/docker/overlay2/opaque-bug-check1209538631/merged/, # failed perms check",
 },
 {
 name: "pivot_root",
@@ -442,7 +448,7 @@ func TestRules_String(t *testing.T) {
 {
 name: "unix",
 rule: unix1,
- want: "unix (receive send) type=stream protocol=0 addr=none peer=(label=dbus-daemon, addr=@/tmp/dbus-AaKMpxzC4k),",
+ want: "unix (send receive) type=stream protocol=0 addr=none peer=(label=dbus-daemon, addr=@/tmp/dbus-AaKMpxzC4k),",
 },
 {
 name: "dbus",
diff --git a/pkg/aa/templates/rule/file.j2 b/pkg/aa/templates/rule/file.j2
index 57536d8d2..566e7442e 100644
--- a/pkg/aa/templates/rule/file.j2
+++ b/pkg/aa/templates/rule/file.j2
@@ -34,7 +34,7 @@
 {{- .Path -}}
 {{- " " -}}
 {{- with .Target -}}
- {{ " -> " }}{{ . }}
+ {{ "-> " }}{{ . }}
 {{- end -}}
 {{- "," -}}
 {{- template "comment" . -}}
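Review bot: The new `link` case in `TestRules_FromLog` covers only the log-to-rule direction; none of the visible `TestRules_String` hunks adds an expectation for a rule with a `Target`, although this commit also changes how the `->` separator is rendered in `templates/rule/file.j2`. Because these rules end up in generated AppArmor profiles, the rendered text is worth pinning too, for example with a `TestRules_String` entry `{name: "link", rule: link1, want: "<expected rendering>"},` where the placeholder is filled in from the actual template output. Both test tables start outside the hunks shown, so such a case may already exist elsewhere in the file.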
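Review bot: After this change the space before `->` comes only from the unconditional `{{- " " -}}` two lines above the changed line, which sits outside the `with .Target` block, so a rule rendered with an empty Target would come out as `<path> ,` with a stray space before the comma. Whether Target can be empty for rules using this template is not visible here, and the enclosing `define` starts outside the hunk. If it can, consider keeping the whole separator inside the block, i.e. `{{ " -> " }}{{ . }}` there, and dropping the standalone `{{- " " -}}`. If Target is always set, a short template comment such as `{{- /* the space before "->" is emitted by the line above */ -}}` would record why the literal has no leading space.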